From 2a273ef504c2484045f0e877504844f1d5ef3ab9 Mon Sep 17 00:00:00 2001
From: Satindar Dhillon <satindar@gmail.com>
Date: Wed, 24 Aug 2022 21:00:15 -0700
Subject: [PATCH] specify multiple aud values when verifying google tokens

---
 packages/api/src/routers/auth/google_auth.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/packages/api/src/routers/auth/google_auth.ts b/packages/api/src/routers/auth/google_auth.ts
index 61479c298..c2ed892df 100644
--- a/packages/api/src/routers/auth/google_auth.ts
+++ b/packages/api/src/routers/auth/google_auth.ts
@@ -59,6 +59,7 @@ export const validateGoogleUser = async (
 
 const iosClientId = env.google.auth.iosClientId
 const webClientId = env.google.auth.clientId
+const androidClientId = env.google.auth.androidClientId
 
 const googleWebClient = new OAuth2Client(webClientId)
 const googleIOSClient = new OAuth2Client(iosClientId)
@@ -72,7 +73,7 @@ export async function decodeGoogleToken(
 
     const loginTicket = await googleMobileClient.verifyIdToken({
       idToken,
-      audience: isAndroid ? env.google.auth.androidClientId : iosClientId,
+      audience: [iosClientId, webClientId, androidClientId],
     })
 
     const email = loginTicket.getPayload()?.email